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Detailed Action 

Status of Claims: 

Claims 1-2, 4-8, 21-34 are pending in this Office Action. 
Claims 3, 9-20 are cancelled. 
Claims 21-34 are new. 

The new formal drawings filed 1 1/6/2006 are accepted. 

The changes to the specification made 1 1/6/2006 are accepted. 

The 35 U.S.C. 112, second paragraph rejection is withdrawn in light of applicant's 
amendment. 

Information Disclosure Statement 

The information disclosure statements filed on 7/31/06, and two filed on 9/29/07 have 
been considered. 

Response to Arguments 

Applicant's amendment filed 3/13/06 has been fully considered but is moot in view of 
new grounds of rejection on the new claims and found not persuasive on the previously 
presented claims. The reasons are set forth below. 

Applicant's invention as claimed : 
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Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (I) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 



Claims 1-2, 4-9; 25-29, 34 are rejected under 35 U.S.C. 102(e) as being anticipated 
by U.S. Patent No 6,674,756 by Rao et al. 

Regarding claim 1, a method, comprising: 

providing a switch having a plurality of process elements (PEs) [Rao: col. 2, lines 15-27; 
col, 4, lines 1-5], each of the plurality of Pes running a network operating system (NQS) [Rao: 
col. 4, lines 1-5; col. 8, lines 38- col. 9, line 43], the NQS allowing the switch to create discrete 
customized services for customers of a service provider operating the switch by providing each 
customer with a customized configuration of service object groups (Rao: col. 8, lines 38- col. 9, 
line 43); 

creating a system virtual router on a first PE of the plurality of PEs (Rao: col. 19, lines 
16-43), wherein creating the system virtual router includes establishing a global object manager 
associated with the NQS of the first PE, the globel object manager being responsible for 
managing global object groups and global object configurations (Rao: col. 19, lines 39-43); and 

configuring the plurality of PEs from the system virtual router (Rao: col. 19, lines 44-46; 
col. 17, lines 25- col. 18, line 1 1), wherein configuring includes establishing, via the global 
object manager, a local object manager on each of the PEs , wherein the local object manager for 
a given PE of the plurality of PEs manages objects local to the given PE and transfers messages 
between objects on the given PE and between objects on the given PE and objects on other PEs 
of the plurality of PEs (Rao: col. 8, lines 38-55). 
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With regards to claim 2, an article comprising a computer readable medium having instructions 
thereon, wherein the instructions, when executed in a computer, create a system for executing the 
method of claim 1 (Rao: col. 5, lines 64- col. 6, line 6). 

Regarding claim 4, the method of claim 1, wherein said configuring PEs of the plurality of PEs 
includes creating a customer virtual router form selected PEs on multiple blades (Rao: col. 3, 
lines 67- col. 4, line 9; blades; col. 20, lines 32-41), wherein creating a customer virtual router 
includes (Rao: col. 19, lines 28-52): 

establishing a virtual private network (VPN) associated with a customer (Rao: col. 20, 
lines 22-41); 

adding the customer virtual router to a list of virtual routers associated with the VPN 
(Rao: col. 20, lines 11-15; partitions of the VR to the VPN); and 

creating an object associated with the customer virtual router on each of the selected PEs 
(Rao: col. 19, lines 47-67). 

Regarding claim 5, the method of claim 1, wherein said configuring the plurality of PEs 
includes: 

adding new PEs (Rao: col. 7, lines 14-26); and 

using a distributed management layer to group PEs into at least one virtual router (Rao: 
col. 18, lines 12-64), wherein grouping includes assigning a group identifier to selected objects 
in each PE such that the selected objects can be addressed as a group (Rao: col. 19, lines 53-67). 

Regarding claim 6, the method of claim 5, wherein using a distributed management layer to 
group PEs into at least one virtual router includes: 

requesting the global object manager to create a virtual router from a group of PEs (Rao: 
col. 19, lines 28-52); 

requesting one or more of the local object managers to group the group of PEs (Rao: col. 
8, lines 38-55); 

activating PEs of the group (Rao: col. 1 8, lines 43-55); and 
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generating a status message that the at least one virtual router is created (Rao: col. 19, 
lines 22-26, 62-65; col. 24, lines 43-51). 

Regarding claim 7, the method of claim 6, wherein said activating PEs of the group includes 
causing a state machine for a PE of the PEs of the Rroup to enter an activate state (Rao: col. 19, 
lines 28-61 ; col. 24, lines 26-37). 

Regarding claim 8, the method of claim 5, wherein using distributed management layer to group 
PEs includes adding object identifiers to a global object database (Rao: col. 19, lines 62-67; 
resource pool; col. 18, lines 12-24). 

Regarding claim 25, a method comprising: 

providing a switch having a plurality of processor elements (PEs) (Rao: col. 2, lines 15- 
27; col. 4, lines 1-5), each of the plurality of PEs running a network operating system (NOS) 
(Rao: col. 4, lines 1-5; col. 8, lines 38- col. 9, line 43); 

creating discrete customized services for each customer of a service provider operating 
the switch by providing each customer with a customized configuration of service object groups 
(Rao: col. 8, lines 38- col. 9, line 43); and 

configuring and managing the service object groups by 

establishing a global object manager associated with the NOS of a first PE of the 

plurality of PEs, the global object manager being responsible for managing a global 

object database, global object groups and global object configurations (Rao: col. 17, lines 

25- col. 18, lines 28); 

establishing, via the global object manager, a local object manager on each of the 

plurality of PEs (Rao: col. 17, lines 25- col. 18, lines 28; col. 8, lines 38-55); and 

each of the local object managers managing objects local to the corresponding PE 

of the plurality of PEs, including establishing object channels between objects residing in 

local and remote address spaces via connection end points supported by the NOS, each 

object channel representing a point-to-point asynchronous communications channel 
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between a first object and a second object onto which services can be pushed (Rao: col. 8, 
lines 38-55). 

Regarding claim 26, the method of claim 25, further comprising configuring the plurality of PEs 
by creating a customer virtual router from selected PEs of the plurality of PEs on multiple blades 
of the switch (Rao: col. 3, lines 67- col. 4, line 9; blades; col. 20, lines 32-41); 

establishing a virtual private network (VPN) associated with a customer (Rao: col. 20, 
lines 22-41); 

adding the customer virtual router to a list of virtual routers associated with the VPN 
(Rao: col. 20, lines 11-15; partitions of the VR to the VPN); and 

creating an object associated with the customer virtual router on each of the selected PEs 
(Rao: col. 19, lines 47-67). 

Regarding claim 27, the method of claim 26, wherein said configuring the plurality of PEs 
includes: 

adding new PEs (Rao: col. 7, lines 14-26); and 

using a distributed messaging layer of the NOS to group PEs into at least one virtual 
router (Rao: col. 18, lines 12-64), wherein grouping includes allowing selected objects in each 
PE to be addressed as a group by assigning a group identifier to the selected objects (Rao: col. 
19, lines 53-67). 

Regarding claim 28, the method of claim 27, wherein said using a distributed messaging layer of 
the NOS to group PEs into at least one virtual router includes: 

requesting the global object manager to create a virtual router from a group of PEs (Rao: 
col. 19, lines 28-52); 

requesting one or more of the local object managers to group the group of PEs (Rao: col. 
8, lines 38-55); 

activating PEs of the group (Rao: col. 1 8, lines 43-55); and 

generating a status message that the at least one virtual router is created (Rao: col. 19, 
lines 22-26, 62-65; col. 24, lines 43-51). 
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Regarding claim 29, the method of claim 27, wherein said using a distributed messaging layer of 
the NOS to group PEs includes adding object identifiers to the global object database (Rao: col. 
19, lines 62-67; resource pool; col. 18, lines 12-24). 

Regarding claim 34, an article of manufacture comprising a computer-readable medium having 
instructions stored thereon, which when executed by one or more processors, cause the method 
of claim 26 to be performed (Rao: col. 5, lines 64- col. 6, line 6). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 21-24, 30-33 are rejected under 35 U.S.C. 103(a) as being unpatentable by 
U.S. Patent No 6,674,756 by Rao et al in further view of U.S. Patent No. 7,096,495 by 
Warrier et al. 

Regarding claim 21, the Rao reference teaches the method of claim 1. The Rao reference fails to 
teach firewalls. 

However, the Warrier reference teaches customized configuration of service object 
groups associated with a first customer represent network resources of the switch sufficient to 
provide the first customer with network-based managed firewall services (Warrier: col. 3, lines 
45- col. 4, line 27) in order to allow administrators to dynamically configure network services 
(Warrier: col. 1, lines 7-36). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the method of Rao to include configuring services to allow firewall services as taught 
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by Warrier in order to allow administrators to dynamically configure network services (Warrier: 
col. 1, lines 7-36). 

Regarding claim 22, the method of claim 21, wherein the customized configuration of service 
object groups associated with the first customer further represent network resources of the switch 
sufficient to provide the first customer with virtual private network (VPN) services (Rao: col. 9, 
lines 60-col. 10, line 5). 

Regarding claim 23, the Rao reference teaches the the method of claim 21. The Rao reference 
fails to teach firewalls. 

However, the Warrier reference teaches customized configuration of service object 
groups associated with a second customer represent network resources of the switch sufficient to 
provide the second customer with network-based managed firewall services (Warrier: col. 3, 
lines 45- col. 4, line 27) in order to allow administrators to dynamically configure network 
services (Warrier: col. 1, lines 7-36). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the method of Rao to include configuring services to allow firewall services as taught 
by Warrier in order to allow administrators to dynamically configure network services (Warrier: 
col. 1, lines 7-36). 

Regarding claim 24, the method of claim 23, wherein the customized configuration of service 
object groups associated with the second customer further represent network resources of the 
switch sufficient to provide the second customer with virtual private network (VPN) services 
(Rao: col. 9, lines 60-col. 10, line 5). 

Regarding claim 30, the Rao reference teaches the method of claim 26. The Rao reference fails 
to teach firewalls. 

However, the Warrier reference teaches customized configuration of service object 
groups associated with a first customer represent network resources of the switch sufficient to 
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provide the first customer with network-based managed firewall services (Warner: col. 3, lines 
45- col. 4, line 27) in order to allow administrators to dynamically configure network services 
(Warrier: col. 1 5 lines 7-36). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the method of Rao to include configuring services to allow firewall services as taught 
by Warrier in order to allow administrators to dynamically configure network services (Warrier: 
col. 1, lines 7-36). 

Regarding claim 31, the method of claim 26, wherein the customized configuration of service 
object groups associated with the first customer further represent network resources of the switch 
sufficient to provide the first customer with virtual private network (VPN) services (Rao: col. 9, 
lines 60-col. 10, line). 

Regarding claim 32, the Rao reference teaches the method of claim 30. The Rao reference fails 
to teach firewalls. 

However, the Warrier reference teaches customized configuration of service object 
groups associated with a second customer represent network resources of the switch sufficient to 
provide the second customer with network-based managed firewall services (Warrier: col. 3, 
lines 45- col. 4, line 27) in order to allow administrators to dynamically configure network 
services (Warrier: col. 1, lines 7-36). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the method of Rao to include configuring services to allow firewall services as taught 
by Warrier in order to allow administrators to dynamically configure network services (Warrier: 
col. 1, lines 7-36). 

Regarding claim 33, the method of claim 31, wherein the customized configuration of service 
object groups associated with the second customer further represent network resources of the 
switch sufficient to provide the second customer with virtual private network (VPN) services 
(Rao: col. 9, lines 60-col. 10, line). 
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REMARKS 

Applicant's amendment filed 1 1/6/2006 is entered and considered with 3 IDS statements. 
Applicant made amendments to the independent claim but mostly added acronyms associated 
with the previously presented limitations and added new claims. 
The Applicant Argues : 

The Rao reference does not teach NOS on Processing Elements. 

In response , the examinerjespectfully submits: 

The examiner maintains the rejection. The Rao reference still teaches the claimed 
invention. Applicant's claimed processing elements (PE) are broad and not designated to any 
particular structure or specific structure. They are defined by implementation and use and Rao 
teaches processing elements on the switch. From FM to PM to chassis managers, all processing 
elements are described in detail. Installing a NOS (network operating system) on a first 
processing element is interpreted to be the installing of the software installed on the Forwarding 
Module (col. 4, lines 1-5). Rao teaches forwarding modules (PEs) that operate and perform the 
operations of allowing the switch to create discrete customized services for customers of a 
service provider operating the switch by providing each customer with a customized 
configuration of service object groups (Rao: col. 8, lines 38- col. 9, line 43) where network 
configurations and processing is conducted. Rao: col. 9, lines 60- col. 10, line 31 teaches users 
and corresponding network configurations storing preferences and configuration of the network 
elements (PEs). Further Rao teaches a system virtual router on a first PE of the plurality of PEs 
(Rao: col. 19, lines 16-43), wherein creating the system virtual router includes establishing a 
global object manager associated with the NOS of the first PE, the globel object manager being 
responsible for managing global object groups and global object configurations (Rao: col. 19, 
lines 39-43) and configuring the plurality of PEs from the system virtual router (Rao: col. 19, 
lines 44-46; col. 17, lines 25- col. 18, line 1 1), wherein configuring includes establishing, via the 
global object manager, a local object manager on each of the PEs, wherein the local object 
manager for a given PE of the plurality of PEs manages objects local to the given PE and 
transfers messages between objects on the given PE and between objects on the given PE and 
objects on other PEs of the plurality of PEs (Rao: col. 8, lines 38-55). The local objects are the 
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resources locally and globally shared. Applicant in the remarks states limitations of same and 
different address spaces. However, those limitations do not appear in the claim language nor are 
they persuasive over the art. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin R. Bruckart whose telephone number is (571) 272- 
3982. The examiner can normally be reached on 9:00-5:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
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applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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